Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
While implementing SSL , do we need to make any changes to the ISA Server rules ?
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
While implementing SSL , do we need to make any changes... - 12.Jun.2004 12:32:00 PM
|
|
|
raedaljarrah
Posts: 227
Joined: 15.Jul.2001
From: Qatar
Status: offline
|
Hi ;
I have the following setup :
Exchange 2000 server on the Internal LAN which has a separate DNS name from the public domain .
Internal ISA is used to publish the E2K server using the usual Mail Server wizard and the Incoming Web Request listener .
Mail is then forwarded to a DMZ-Located SMTP relay which in turn forwards all mail traffic to the External ISA server ( this one is configured with a Web Listener and a SMTP server publishing rule ) .
Now when SSL is forced on the E2K server , do I have to reconfigure the ISA server rules in order to pass the SSL traffic and how ?
My major concern is in the authentication options I should use both on the OWA properties and the Incoming WEb listener on the ISA Servers !
I have tried to releif the users from having to type their domainname\username combination but with no luck !
Thanks
|
|
|
|
|
RE: While implementing SSL , do we need to make any cha... - 12.Jun.2004 12:59:00 PM
|
|
|
tshinder
Posts: 47669
Joined: 10.Jan.2001
From: Texas
Status: online
|
Hi Raed,
Check out the five part article on OWA publishing on this site. Make sure that you force basic authentication on the OWA directories and that you use SSL to SSL bridging.
HTH,
Tom
|
|
|
|
|
RE: While implementing SSL , do we need to make any cha... - 21.Jun.2005 9:44:00 PM
|
|
|
ferrix
Posts: 377
Joined: 16.Mar.2005
Status: offline
|
Couple things to add for others who might happen upon this post. We have two filters which may be of interest to orgs publishing Exchange features through ISA.
Warning: this is a shameless plug (but I really think the stuff is cool, so hopefully I don't loose too much Karma points)
WebDirect allows you to funnel incoming requests to the correct URL (so your OWA server doesn't have to ever see unauthenticated HTTP requests).
FlexAuth provides Single Sign On features to published web sites in ISA 2004. Customize your Forms-Based-Authentication (FBA) pages. Use one set of credentials across many web listeners without re-authentication. ActiveSync/Exchange-OMA and other simple clients automatically use Basic Authentication (without splitting listeners!) Supports LDAP/LDAP-SSL for authentication. Use Windows groups/users in your access rules, even if ISA is not in your domain.
This stuff is available for free eval, if you're interested, at http://www.collectivesoftware.com .
Cheers!
|
|
|
|
RE: While implementing SSL , do we need to make any cha... - 21.Jun.2005 9:58:00 PM
|
|
|
ferrix
Posts: 377
Joined: 16.Mar.2005
Status: offline
|
Woops, I need to amend prior post. Our filters are for ISA 2004, not 2000. Didn't see I was in the wrong group. Sorry!
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
